Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/98c609-07fa-4e2b-b476-6a29bc9f8a78/1/PmQ7D2Mj67yKtQ9cr1GiTLsv5gg.roa
File:                     PmQ7D2Mj67yKtQ9cr1GiTLsv5gg.roa (raw, json)
Hash identifier:          5dHIigCSlJsB3go+Brg2sevV9LIQTUqp/QnCZ75khpk=
Subject key identifier:   3E:64:3B:0F:63:23:EB:BC:8A:B5:0F:5C:AF:51:A2:4C:BB:2F:E6:08
Certificate issuer:       /CN=a6a88b0887c32de5966f81ff915d6b5ff31532dd
Certificate serial:       018C3931CFBB9A947EE8325F7A82F1D21B26
Authority key identifier: A6:A8:8B:08:87:C3:2D:E5:96:6F:81:FF:91:5D:6B:5F:F3:15:32:DD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pqiLCIfDLeWWb4H_kV1rX_MVMt0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/32/98c609-07fa-4e2b-b476-6a29bc9f8a78/1/PmQ7D2Mj67yKtQ9cr1GiTLsv5gg.roa
Signing time:             Tue 05 Dec 2023 08:56:54 +0000
ROA not before:           Tue 05 Dec 2023 08:56:54 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     206730
IP address blocks:        185.166.48.0/22 maxlen: 22
                          2a0a:8a00::/32 maxlen: 32

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 16:29:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:39:31:cf:bb:9a:94:7e:e8:32:5f:7a:82:f1:d2:1b:26
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a6a88b0887c32de5966f81ff915d6b5ff31532dd
        Validity
            Not Before: Dec  5 08:56:54 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=3e643b0f6323ebbc8ab50f5caf51a24cbb2fe608
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:84:99:dc:61:6f:ff:b8:f7:17:2f:91:d6:4b:dd:
                    ca:30:52:47:95:e7:1e:e6:8f:7a:86:2d:77:ad:42:
                    0f:53:58:83:26:ed:80:52:9b:8d:5b:03:02:eb:19:
                    77:2b:04:a0:12:93:49:c5:08:5e:04:3c:4f:3f:e5:
                    c5:ec:af:12:57:20:9b:8c:2d:f5:ec:16:d4:c1:85:
                    f1:68:3f:62:04:ac:72:3f:37:9d:65:c0:7e:a5:e7:
                    ec:47:bc:31:65:8a:6b:08:ad:92:0e:6b:c4:a2:61:
                    44:16:5f:df:b1:4b:78:8b:2e:6e:32:2f:3c:3e:4e:
                    23:d5:85:c8:c5:ec:ad:0f:9a:60:43:b5:70:af:19:
                    bb:42:07:85:51:ff:88:2b:27:58:55:f7:e6:ad:5d:
                    f1:c0:65:ae:33:10:69:61:ad:fe:d0:a6:53:ba:77:
                    4c:a8:bd:0e:bd:e0:6a:53:3d:ca:6a:7f:0e:68:1a:
                    74:29:41:73:da:57:12:f6:bb:ca:d0:9e:f1:fc:11:
                    a8:d4:2e:df:fb:80:13:5c:de:ea:c7:43:34:fc:54:
                    8e:bf:db:a5:3d:65:ab:d0:4b:de:99:fc:92:88:be:
                    d3:89:39:71:0f:4b:4f:60:2c:df:46:7e:11:ef:3d:
                    bf:74:54:e3:82:cd:1e:73:8b:77:6e:c0:44:7f:c1:
                    4f:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3E:64:3B:0F:63:23:EB:BC:8A:B5:0F:5C:AF:51:A2:4C:BB:2F:E6:08
            X509v3 Authority Key Identifier:
                keyid:A6:A8:8B:08:87:C3:2D:E5:96:6F:81:FF:91:5D:6B:5F:F3:15:32:DD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pqiLCIfDLeWWb4H_kV1rX_MVMt0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/98c609-07fa-4e2b-b476-6a29bc9f8a78/1/PmQ7D2Mj67yKtQ9cr1GiTLsv5gg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/32/98c609-07fa-4e2b-b476-6a29bc9f8a78/1/pqiLCIfDLeWWb4H_kV1rX_MVMt0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.166.48.0/22
                IPv6:
                  2a0a:8a00::/32

    Signature Algorithm: sha256WithRSAEncryption
         10:22:ae:e7:a2:1c:9c:d0:ef:a3:83:ed:db:2d:dc:d0:35:89:
         f4:54:33:71:80:11:26:b3:95:38:ba:f7:6f:70:80:29:d2:62:
         1f:33:0c:4b:83:2f:47:00:7f:4d:d8:cd:49:6e:1b:9d:f9:c9:
         e6:0f:11:d0:46:bf:61:1e:ad:40:27:dc:b1:4f:4a:dd:30:bd:
         1f:35:9d:a8:c6:28:32:57:c7:d4:3a:dd:97:4a:24:e7:9f:46:
         20:15:e9:f8:53:9e:08:d6:18:d2:66:88:d6:ff:ae:89:26:ae:
         59:f0:00:1b:8b:e6:ff:12:86:fc:f2:2e:8d:8d:8f:79:5c:cd:
         d5:a5:57:20:e2:28:f1:5f:64:96:0c:28:8f:97:63:d5:28:90:
         8e:c5:1b:46:b1:bf:12:5e:e7:4f:65:ae:c8:49:cd:a7:c4:b1:
         77:8a:95:84:9a:9c:15:40:99:75:bf:34:54:e8:41:5c:16:1f:
         98:5d:4a:76:c6:93:e4:cc:47:13:58:8f:af:7f:42:75:49:4a:
         65:0b:d1:98:d9:90:ad:0a:49:cc:ec:f7:1f:12:59:0a:bc:1f:
         92:ed:d0:d5:79:dd:30:37:00:65:21:06:17:a3:05:0f:f7:db:
         f2:4c:2a:c7:c8:fe:dd:61:cd:dc:a2:02:1a:a8:d5:49:ac:48:
         9c:2d:15:5b
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYw5Mc+7mpR+6DJfeoLx0hsmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE2YTg4YjA4ODdjMzJkZTU5NjZmODFmZjkxNWQ2YjVmZjMx
NTMyZGQwHhcNMjMxMjA1MDg1NjU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZTY0M2IwZjYzMjNlYmJjOGFiNTBmNWNhZjUxYTI0Y2JiMmZlNjA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhJncYW//uPcXL5HWS93KMFJHlece
5o96hi13rUIPU1iDJu2AUpuNWwMC6xl3KwSgEpNJxQheBDxPP+XF7K8SVyCbjC31
7BbUwYXxaD9iBKxyPzedZcB+pefsR7wxZYprCK2SDmvEomFEFl/fsUt4iy5uMi88
Pk4j1YXIxeytD5pgQ7Vwrxm7QgeFUf+IKydYVffmrV3xwGWuMxBpYa3+0KZTundM
qL0OveBqUz3Kan8OaBp0KUFz2lcS9rvK0J7x/BGo1C7f+4ATXN7qx0M0/FSOv9ul
PWWr0EvemfySiL7TiTlxD0tPYCzfRn4R7z2/dFTjgs0ec4t3bsBEf8FPXwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFD5kOw9jI+u8irUPXK9Roky7L+YIMB8GA1UdIwQY
MBaAFKaoiwiHwy3llm+B/5Fda1/zFTLdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcHFpTENJZkRMZVdXYjRIX2tWMXJYX01WTXQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi85OGM2MDktMDdmYS00ZTJiLWI0NzYt
NmEyOWJjOWY4YTc4LzEvUG1RN0QyTWo2N3lLdFE5Y3IxR2lUTHN2NWdnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi85OGM2MDktMDdmYS00ZTJiLWI0NzYtNmEyOWJjOWY4YTc4
LzEvcHFpTENJZkRMZVdXYjRIX2tWMXJYX01WTXQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuaYwMA0E
AgACMAcDBQAqCooAMA0GCSqGSIb3DQEBCwUAA4IBAQAQIq7nohyc0O+jg+3bLdzQ
NYn0VDNxgBEms5U4uvdvcIAp0mIfMwxLgy9HAH9N2M1Jbhud+cnmDxHQRr9hHq1A
J9yxT0rdML0fNZ2oxigyV8fUOt2XSiTnn0YgFen4U54I1hjSZojW/66JJq5Z8AAb
i+b/Eob88i6NjY95XM3VpVcg4ijxX2SWDCiPl2PVKJCOxRtGsb8SXudPZa7ISc2n
xLF3ipWEmpwVQJl1vzRU6EFcFh+YXUp2xpPkzEcTWI+vf0J1SUplC9GY2ZCtCknM
7PcfElkKvB+S7dDVed0wNwBlIQYXowUP99vyTCrHyP7dYc3cogIaqNVJrEicLRVb
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:01:58 2024 by rpki-client on console-ams.rpki-client.org